Skip to content

Permission-Denied #4990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
jachzen opened this issue Jun 7, 2021 · 6 comments
Closed

Permission-Denied #4990

jachzen opened this issue Jun 7, 2021 · 6 comments
Labels
api: firestore

Comments

@jachzen
Copy link

jachzen commented Jun 7, 2021

  • Operating System version: MacOS 11.2.3
  • Browser version: Chrome 91
  • Firebase SDK version: 8.6.2
  • Firebase Product:database (auth, database, storage, etc)

Remark : I am using angular fire 6.1.5.
Since version 8.6.2 (8.6.1 does not have this issue) after logging in via auth.signInWithEmailAndPassword and getting the user by listening to the authstate change, it is not possible to get data from Firestore database although a valid authorized user is used. (code='permission-denied').

Seems that this rule does not match anymore:
match /users/{userId} {
allow read: if request.auth.uid == userId;
}
Switching back to 8.6.1 fixes the problem.
@google-oss-bot
Copy link
Contributor

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

@trakhimenok
Copy link

Same regression with 8.6.5, reverting to 8.6.1 fixes it.

@lesharris
Copy link

We also hit this and had to downgrade to 8.6.1 which has resolved it.

@looptheloop88
Copy link

Hi @jachzen, thanks for the report. Could this be an issue with AngularFire? I tried using the SDK version 6.8.5, but I wasn't able to replicate the issue.

I'm using the security rules below and able to read/write to Firestore database successfully:

rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {
     match /users/{userId} {
  		allow read, write: if request.auth.uid == userId;
  	 }
  }
}

Write to Firestore database:

const userID = firebase.auth().currentUser.uid;
firebase.firestore().collection("users").doc(userID).set({
   name: "looptheloop88"
})
.then(() => {
   console.log("Document successfully written!");
})
.catch((error) => {
   console.error("Error writing document: ", error);
});

Read from Firestore database:

const userID = firebase.auth().currentUser.uid;
const docRef = firebase.firestore().collection("users").doc(userID);
docRef.get().then((doc) => {
   if (doc.exists) {
      console.log("Document data:", doc.data());
   } else {
      console.log("No such document!");
   }
}).catch((error) => {
   console.log("Error getting document:", error);
});

Would you mind sharing a minimal, but complete sample of a project that I can run locally to replicate the issue?

@looptheloop88 looptheloop88 mentioned this issue Jun 9, 2021
Closed
@EazDine
Copy link

EazDine commented Jun 9, 2021

Same "firebase": "^8.6.5" getting FirebaseError: Missing or insufficient permissions.

rules_version = '2';
service cloud.firestore {
match /databases/{database}/documents {
match /users/{userId} {
allow read, write: if request.auth.uid == userId;
}
}
}

Query I am trying with :

const query = this.firestore.collection(FirebaseCollection.USERS);
query.ref.where('userId', '==', u.uid).get().then((res: any) => {
if (!res.empty) {
res.forEach(data => {
this.userDetails = data.data();
}
});

@looptheloop88
Copy link

Per checking, this issue is a duplicate of #4932.

@firebase firebase locked and limited conversation to collaborators Jul 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
api: firestore
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@trakhimenok @lesharris @jachzen @google-oss-bot @EazDine @looptheloop88